Search CVE reports
141 – 150 of 42993 results
Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Two potential heap out-of-bounds write locations existed in DecodeObjectId() in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values (out[0] and out[1]), enabling a 2-byte...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths to user defined licence files relative to the source directory of the module. The paths...
1 affected package
flatpak-builder
| Package | 18.04 LTS |
|---|---|
| flatpak-builder | Needs evaluation |
HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is...
1 affected package
hdf5
| Package | 18.04 LTS |
|---|---|
| hdf5 | Needs evaluation |
CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53,...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 18.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 18.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 18.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.40 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 18.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 18.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 18.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | Needs evaluation |
| tomcat8 | Needs evaluation |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |